General
-
Target
setup.exe
-
Size
245KB
-
Sample
230317-s1w6vaah8v
-
MD5
12358cc9592b4794a0fd578a9c27af31
-
SHA1
050e5d65a1460c0363e8316d5b75b4e13374d7a1
-
SHA256
f610f0b058b6dcd9afb90f2861251606dca490db7001d66e252bb704fcc551c7
-
SHA512
9c224eefb097be200f3b80480a534983e8b3d12ef6755f0dcdd38044267c3248459c3b2afd39c8b8f8bf8ab5c38c8deb70ef5231344c64b8132aeb9fcdde4c8b
-
SSDEEP
3072:7gQUwYcJ+quJ/2esNiLuywkXbnExkk67BcgiLdgiy//2TZ0iNGmemsjE6yhfhVAZ:chwl2cgv9L0pMcJmtulvmmmOhoJ
Static task
static1
Behavioral task
behavioral1
Sample
setup.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
setup.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
laplas
http://45.159.189.105
-
api_key
9ee0ef01cd0f0468c997745b63f39799e510412a4bb4e6ff8efcf6f8ac926172
Targets
-
-
Target
setup.exe
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-